I have no idea whether or not this is the right list, but it seems that in
pkgsrc, there is:
The following security vulnerabilities are known for net/samba at May 1
10:20 :
samba<2.0.8 has a local-symlink-race exploit (see
http://www.securityfocus.com/templates/archive.pike?list=1&mid=177370 for
more details)
and at www.samba.org:
o (9th May 2001) Samba 2.0.9 released - SECURITY FIX
The recent Samba 2.0.8 release did not fix the local /tmp security
hole. The 2.0.9 release corrects that. Note that the 2.2.0 release
did fix the hole and you should only install 2.0.9 if you don't
want to use the 2.2.x release just yet. The 2.0.9 release is
available here and the patch is available here.
Cheers,
Patrick